Refurbished ‘ethical’ phones

Bananas uses an isp for mobile phone sim access* and for nearly £400 they are offering ‘refurbished ‘ ethical phones which is no discount on the ‘new’ version.

When one can buy a non ethical andriod phone for £80 I cannot see how this is any kind of bargain.  Perhaps if you buy ethical products then perhaps £380 sounds a great deal.

Somebody will be happy I am sure of that. at that price. Not us.

*cheaper than a phone company

Not fixing cars with google

I am not a mechanic but google is an interesting way to diagnose problems being a non mechanic when its battery/fuses/immobiliser mean yes it is an electrical fault something and our attempts to diagnose it where a failure.

So an human expert was sought, youtube is an interesting place although some solutions seem per year model and i guess wont work on a older or newer versions

On refection It appears that our battery charger does not work, and the battery was the fault from a second opinion despite having enough voltage to switch on most electrics.

The cars guide book was also vague when it was consulted on what it could be so nobody came out a winner being not a ‘please insert the forth wheel’ obvious fault…

A car that cannot start but powers up instruments is almost a paradox, and it appears one issue more will be seen of by many.

The ‘dark web’ and the federal government

wenlock a policeman

I wonder how many government employees will also be arrested for wondering off with the undeclared proceeds as they did with silk road in this new replacement market they also have shutdown.

I was amused to read that the genius ‘running’ the site had a free microsoft email address and advertised the fact on social media.

pi hole (nothing about circles)

Is dns blocking using a thing but as a debian user i could use without the crap fanboy hardware (my blog).

pihole

I simply installed it on a workstation and it uses dnsmasq

It currently does ad blocking by default so comment services wont work as there deemed trackers, i have no idea what facebook ends up like looking and it is a non issue for the monkey house.    I was interested in it as i was looking for possible rpz data feeds

Questions could be asked  about say the iab.

nodnssecOne problem with pi hole is no dnssec validation (my blog) although i have valid tlsa out of the box dnsmasq needs a dnssec option. For an exercise it does not appear to works once you find the the right config file.  An issue most of you wont have.

Being new to dnsmasq that was fun and the ability to swtich it on and off lies in /etc/default.

pi-hole works with a script file and to find the source files took a bit hunting, there are no pauses with website loading.

I would not bother with the raspberry pi, there probably out of stock anyhow when three fans bought all the production of them all for the next twelve months.

Running debian stretch thoughts

As a server (my blog not as workstation (my blog)

The improvements first.

Postfix with postmulti

I had this ‘forced’ on me by systemd (my blog) not running the simple one instance that supposedly everybody else does and is ok with.  While i am still a bit newbish with the postfix command replacement it feels a better solution especially with logging which my older extra instances did not offer – as to what instance was doing.

There is no real config change but seems a more modern config despite that not changing and already having scripts that ise multiple postfix configs.

Postfix is a lot less tolerant of clients such as

connect from unknown[12.130.172.232]

Who don’t do much but like to test things and despite our config from before denying such activity [ddos,spammers,clueless,bot nets] it feels as if they are discarded more quickly

Tls probers (waste of time clients) have sslv3 requests redirected to something more modern tls. Milters where odd to debug.  See the mailgraph heading below for a downside.

Dnssec

My manual method of signing zones still works – the daemon software in jessie i could not figure out – mostly because most people never used it or compiled a better version and never used the debian package being out of date.  It is something i might look at in the future

Signing zones currently takes a minute and is something i spend twelve minutes a year doing.

Not sure of and probably blame me department

cyrus imap

I am on the fence on this upgrade and feel the config still needs looking at despite working it seems a little no there et after i did seem to lose a lot of config commands to get it to work along with those bloody sockets i had to delete..

Hard to fix and runtime issues with solutions.

mod_defensible

Appears to work but now does not log – kind of/maybe situation – apache says it wrote 403 errors, but the confirmation from before means i take one softwares fact as a unknown.

Hairy eyeball those emails from root to to get these – you did read them right ?.

Mailgraph

Is not updating its png images, html updates with the date and time – think this is not a systemd thing once again not /etc/default or init.d issue.- not an urgent issue and might be something due to postmulti since spam is logged in the chart and the mail.log has stuff in it.

I get

Well it recorded the one spam

Which is not an accurate representation of activity – files do update but no postfix activity in charts.   Not working.i guess due to incompatible parsing of:

postfix-instancex/smtpd[*]: disconnect from unknown[14.161.40.101]
 helo=1 auth=0/1 quit=1 commands=2/3

My theory anyhow

logwatch

I had to adjust the cron job to get the more detailed report once again for stretch to reflect as jessie. not hard.

p0f

Has had a redesign  – we only used for port 25 scanning with amavis and now does not work with the old config.   With postfix improvements i might let this fall in to non use.

X Logout leaves running processes

Don’t ask me why but it does cache cleaner, and hplip and systemd seem unhappy with something.

rkhunter

Need –pkgmgr DPKG in cron.daily as extra parameters

logrotate

I need

TMPDIR=/var/tmp
export TMPDIR
/usr/sbin/logrotate /etc/logrotate.conf
TMPDIR=/tmp
export TMPDIR

Or i get mail errors

Yara

Can now be ‘easily’ installed without’breaking’ debian.so i might be adding to the virus scanner which gets little cause for use with our mail config refusing bad content before it gets to a scanner.

Opendmarc

reporting (my blog) command appears to now send reports from more than just the first reporting host who got on with it and did not complain.  I guess the atps and other dns lines might be deemed redundant.

apt

The package maanager does ttry o do more than it should trying to restart things – an easy example yesterday apt upgraded apache2 documents and tried to add the module and failed when the conf file it tried to read did not exist where debian assumed it was.

So i had to restart apache.manually.

Overall not a disaster.   Something i might think as a good idea at some point but then again it as a server does a lot of jobs.I guess upgrading one server with one task would be less stressful.

apt-xapian-index

I have decided to disable it since this shit software has done absolutely nothing for years except produce a weekly stack trace.

/etc/cron.weekly/apt-xapian-index:
Traceback (most recent call last):
File “/usr/sbin/update-apt-xapian-index”, line 97, in <module>
if not indexer.setupIndexing(force=opts.force, system=opts.pkgfile is None):
File “/usr/lib/python2.7/dist-packages/axi/indexer.py”, line 518, in setupIndexing
addon.obj.init(dict(values=self.values), self.progress)
File “/usr/share/apt-xapian-index/plugins/translated-desc.py”, line 105, in init
self.indexers.append(Indexer(lang, file))
File “/usr/share/apt-xapian-index/plugins/translated-desc.py”, line 41, in __init__
for pkg in deb822.Deb822.iter_paragraphs(open(file)):
File “/usr/lib/python2.7/dist-packages/debian/deb822.py”, line 388, in iter_paragraphs
x = cls(iterable, fields, encoding=encoding)
File “/usr/lib/python2.7/dist-packages/debian/deb822.py”, line 336, in __init__
self._internal_parser(sequence, fields)
File “/usr/lib/python2.7/dist-packages/debian/deb822.py”, line 441, in _internal_parser
line = self._detect_encoding(line)
File “/usr/lib/python2.7/dist-packages/debian/deb822.py”, line 217, in _detect_encoding
return value.decode(result[‘encoding’])
TypeError: decode() argument 1 must be string, not None
run-parts: /etc/cron.weekly/apt-xapian-index exited with return code 1

I may have mentioned it before once or maybe twice (my blog)

Anyhow that’s one piece of software that will not be bothering the zoo in debain stretch .

upsetting hplip when reinstalling a printer queue

One of the zoos printers was not working via hplip after i compiled it so i deleted it and set it up again for the new printer (my blog). One has real ink and the other has non hp toner (my blog) in it – hplip the linux driver for printing then refused to tell me any other ink levels -genuine or not regardless of the sorry state of guessing ink quantity by this hp software which is best ignored imho.

I feel so chastised*. – still see no purpose in buying hp ‘genuine’ ink after all .

*when the ink does not print it probably means it needs toner.